CVE-2018-10862

Published: 2018-07-27T14:29Z

Last Modified: 2024-11-21T03:42Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the 'Zip Slip' vulnerability. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt